Vulnerabilidades en envoyproxy
74 resultadosCVE-2024-45806MEDIUMPotential manipulate `x-envoy` headers from external sources in envoyEPSS 0.4%CVE-2024-45809MEDIUMJwt filter crash in the clear route cache with remote JWKs in envoyEPSS 0.4%CVE-2026-26309MEDIUMEnvoy has an off-by-one write in JsonEscaper::escapeString()EPSS 0.4%CVE-2024-23326MEDIUMEnvoy incorrectly accepts HTTP 200 response for entering upgrade modeEPSS 0.4%CVE-2024-45808MEDIUMMalicious log injection via access logs in envoyEPSS 0.4%CVE-2026-26311MEDIUMEnvoy HTTP: filter chain execution on reset streams causing UAF crashEPSS 0.3%CVE-2026-26330MEDIUMEnvoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directlyEPSS 0.3%CVE-2025-55162MEDIUMEnvoy: oAuth2 Filter Signout route will not clear cookies because of missing "secure;" flagEPSS 0.3%CVE-2026-26308HIGHEnvoy has an RBAC Header Validation Bypass via Multi-Value Header ConcatenationEPSS 0.3%CVE-2025-64763LOWEnvoy forwards early CONNECT data in TCP proxy modeEPSS 0.3%CVE-2025-25294MEDIUMEnvoy Gateway Log Injection VulnerabilityEPSS 0.3%CVE-2020-15104MEDIUMTLS Validation Vulnerability in EnvoyEPSS 0.3%CVE-2025-46821MEDIUMEnvoy vulnerable to bypass of RBAC uri_template permissionEPSS 0.2%CVE-2025-66220MEDIUMEnvoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byteEPSS 0.2%